This Article 
 Bibliographic References 
 Add to: 
Key Agreement in Dynamic Peer Groups
August 2000 (vol. 11 no. 8)
pp. 769-780

Abstract—As a result of the increased popularity of group-oriented applications and protocols, group communication occurs in many different settings: from network multicasting to application layer tele- and videoconferencing. Regardless of the application environment, security services are necessary to provide communication privacy and integrity. This paper considers the problem of key agreement in dynamic peer groups. (Key agreement, especially in a group setting, is the stepping stone for all other security services.) Dynamic peer groups require not only initial key agreement (IKA) but also auxiliary key agreement (AKA) operations, such as member addition, member deletion, and group fusion. We discuss all group key agreement operations and present a concrete protocol suite, CLIQUES, which offers complete key agreement services. CLIQUES is based on multiparty extensions of the well-known Diffie-Hellman key exchange method. The protocols are efficient and provably secure against passive adversaries.

[1] W. Diffie and M.E. Hellman, New Directions in Cryptography IEEE Trans. Information Theory, vol. 22, pp. 644-654, 1976.
[2] G. Ateniese, M. Steiner, and G. Tsudik, "New Multi-Party Authentication Services and Key Agreement Protocols," IEEE J. Selected Areas in Comm., vol. 18, no. 4, 2000, pp. 628–639.
[3] I. Ingemarsson, D.T. Tang, and C.K. Wong, “A Conference Key Distribution System,” IEEE Trans. Information Theory, vol. 28, no. 5, pp. 714-720, 1982.
[4] D. Steer, L. Strawczynski, W. Diffie, and M. Wiener, “A Secure Audio Teleconference System,” Proc. Advances in Cryptology—Crypto '88, pp. 520-528, 1990.
[5] M. Burmester and Y. Desmedt, “A Secure and Efficient Conference Key Distribution System,” Proc. Advances in Cryptology—EUROCRYPT '94, 1995.
[6] M.K. Just, “Methods of Multiparty Cryptographic Key Establishment,” MS thesis, Computer Science Dept., Carleton Univ., Ottawa, Ontario, Aug. 1994.
[7] M. Steiner, G. Tsudik, and M. Waidner, “Diffie-Hellman Key Distribution Extended to Groups,” Third ACM Conf. Computer and Comm. Security, pp. 31–37, Mar. 1996.
[8] M. Just and S. Vaudenay, “Authenticated Multi-party Key Agreement,” Proc. Advances in Cryptology—EUROCRYPT '96, 1996.
[9] K. Becker and U. Wille, “Communication Complexity of Group Key Distribution,” Proc. Fifth ACM Conf. Computer and Comm. Security, pp. 1–6, 1998.
[10] H. Harney and C. Muckenhirn, “Group Key Management Protocol (GKMP) Architecture,” Internet Request for Comment RFC 2094, Internet Engineering Task Force, July 1997.
[11] C.K. Wong, M.G. Gouda, and S.S. Lam, “Secure Group Communications Using Key Graphs,” Proc. ACM SIGCOMM '98 Conf. Applications, Technologies, Architectures, and Protocols for Computer Comm., pp. 68–79, 1998.
[12] D.M. Wallner, E.G. Harder, and R.C. Agee, “Key Management for Multicast: Issues and Architecture,” Internet-Draft, Draft-Wallner-Key-Arch-00.txt, June 1997.
[13] K.P. Birman, Building Secure and Reliable Network Applications. Greenwich, Conn.: Manning Publications, 1996.
[14] Y. Amir, G. Ateniese, D. Hasse, Y. Kim, C. Nita-Rotaru, T. Schlossnagle, J. Schultz, J. Stanton, and G. Tsudik, Secure Group Communication in Asynchronous Networks with Failures: Integration and Experiments Proc. 20th IEEE Int'l Conf. Distributed Computing Systems, pp. 330-343, Apr. 2000.
[15] Y. Amir and J. Stanton, “The Spread Wide Area Group Communication System,” Technical Report CNDS 98-4, The Center for Networking and Distributed Systems, John Hopkins Univ., 1998.
[16] C.G. Günther, “An Identity-Based Key-Exchange Protocol,” Advances in Cryptology—EUROCRYPT '89, pp. 29–37, Apr. 1990.
[17] A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography, CRC Press, Boca Raton, Fla., 1996, pp. 543-590.
[18] Y. Yacobi and Z. Shmuely, “On Key Distribution Systems,” Advances in Cryptology—CRYPTO '89, pp. 344–355, Aug. 1990.
[19] M. Burmester, “On the Risk of Opening Distributed Keys,” Proc. Advances in Cryptology—CRYPTO '94, pp. 308–317, 1994.
[20] M. Naor and O. Reingold, “Number-Theoretic Constructions of Efficient Pseudorandom Functions,” Proc. 38th IEEE Symp. Foundations of Computer Science, 1997.
[21] E. Biham, D. Boneh, and O. Reingold, “Breaking Generalized Diffie-Hellman Modulo: A Composite Is No Easier than Factoring,” Information Processing Letters, vol. 70, pp. 83–87, 1999.
[22] C.P. Schnorr, “Efficient Signature Generation by Smart Cards,” J. Cryptology, vol. 4, no. 3, pp. 161–174, 1991.
[23] U.S. National Institute of Standards and Technology (NIST}, “The Digital Signature Standard,” FIPS PUB 186, May 1994.
[24] S. Brands, “An Efficient Off-Line Electronic Cash System Based on the Representation Problem,” Technical Report CS-R9323, Centrum voor Wiskunde en Informatica, Mar. 1993.
[25] D.R. Stinson, Cryptography: Theory and Practice. Boca Raton, Fla.: CRC Press, 1995.
[26] D. Chaum, “Zero-Knowledge Undeniable Signatures,” Advances in Cryptology—EUROCRYPT '90, pp. 458–464, May 1991.
[27] L. Gong, Enclaves: Enabling Secure Collaboration over the Internet IEEE J. Selected Areas in Comm., vol. 15, no. 3, pp. 567-575, Apr. 1997.
[28] A. Ballardie, “Scalable Multicast Key Distribution,” Internet Request for Comment RFC 1949, Internet Engineering Task Force, May 1996.
[29] S. Mittra, “Iolus: A Framework for Scalable Secure Multicasting,” Proc. ACM SIGCOMM '97, Sept. 1997.
[30] D.A. McGrew and A.T. Sherman, “Key Establishment in Large Dynamic Groups Using One-Way Function Trees,” manuscript, May 1998.
[31] R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor, and B. Pinkas, “Multicast Security: A Taxonomy and Some Efficient Constructions,” Proc. INFOCOMM '99, Mar. 1999.
[32] G. Caronni, M. Waldvogel, D. Sun, N. Weiler, and B. Plattner, “The VersaKey Framework: Versatile Group Key Management,” IEEE J. Selected Areas in Comm., vol. 17, no. 9, Sept. 1999.
[33] O. Rodeh, K. Birman, and D. Dolev, “Optimized Rekey for Group Communication Systems,” Proc. Symp. Network and Distributed Systems Security (NDSS '00), pp. 37–48, Feb. 2000.
[34] M. Reiter, K. Birman, and R. van Renesse, “A Security Architecture for Fault-Tolerant Systems,” ACM Trans. Computer Systems, vol. 12, no. 4, pp. 340–371, Nov. 1994.
[35] M.K. Reiter, “Distributing Trust with the Rampart Toolkit,” Comm. ACM, vol. 39, no. 4, pp. 71–74, Apr. 1996.
[36] M.K. Reiter, “A Secure Group Membership Protocol,” Proc. IEEE Symp. Research in Security and Privacy, May 1994.
[37] M.K. Reiter and K.P. Birman, "How to Securely Replicate Services," ACM Trans. Programming Language Systems, vol. 16, no. 3, pp. 986-1,009, 1994.
[38] D. Malkhi, M. Merrit, and O. Rodeh, “Secure Reliable Multicast Protocols in a WAN,” Int'l Conf. Distributed Computing Systems (ICDCS '97), pp. 87–94, 1997.
[39] D. Malkhi and M. Reiter, “A High-Throughput Secure Reliable Multicast Protocol,” J. Computer Security, vol. 5, pp. 113–127, 1997.

Index Terms:
Collaborative work, communication system security, cryptography, decision Diffie-Hellman problem, dynamic peer groups, key establishment/agreement protocols, multiparty computation.
Michael Steiner, Gene Tsudik, Michael Waidner, "Key Agreement in Dynamic Peer Groups," IEEE Transactions on Parallel and Distributed Systems, vol. 11, no. 8, pp. 769-780, Aug. 2000, doi:10.1109/71.877936
Usage of this product signifies your acceptance of the Terms of Use.